Unauthenticated Remote Attacker Could Bypass Configured Access Control Lists
CVE-2024-20384
Key Information
- Vendor
- Cisco
- Status
- Cisco Adaptive Security Appliance (asa) Software
- Cisco Firepower Threat Defense Software
- Vendor
- CVE Published:
- 23 October 2024
Badges
Summary
A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device.
This vulnerability is due to a logic error that occurs when NSG ACLs are populated on an affected device. An attacker could exploit this vulnerability by establishing a connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules.
Affected Version(s)
Cisco Adaptive Security Appliance (ASA) Software = 9.16.1
Cisco Adaptive Security Appliance (ASA) Software = 9.16.1.28
Cisco Adaptive Security Appliance (ASA) Software = 9.16.2
References
CVSS V3.1
Timeline
- ๐พ
Exploit known to exist
Vulnerability published